Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid MITM Problem

    Scheduled Pinned Locked Moved
    Cache/Proxy
    2
    2
    888
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dochy
      last edited by dochy

      Hi i have pfsense+ transparent squid proxy installed on it. Squid is configured to log https sites too. Everything works good but sometimes users have ERROR_SSL_PROTOCOL_ERROR. DNS query forwarding is enabled. in Real-Time monitoring lots of error:transaction-end-before-headers

      c33682a5-abb2-49bd-a2c1-9728b21a7962-image.png

      Here is my config

      6.png 5.png 4.png 3.png 2.png

      JonathanLeeJ 1 Reply Last reply Reply Quote 0
      • JonathanLeeJ
        JonathanLee @dochy
        last edited by

        @dochy Nice Config,

        Screenshot 2023-02-22 at 10.13.55 PM.png

        This is mine, I set specific devices to splice as source,

        I have a regex list saved in /usr/local/pkg/url.nobump

        after I peak at step1
        splice the source addresses like the game system and tablets
        after I splice the URLs I have marked as trusted like banks,

        and I bump everything else.

        Screenshot 2023-02-22 at 10.16.42 PM.png
        This is my custom file I have items that won't work correctly with bump like antivirus, some updates, itunes etc.

        The main sites I want bumped are sites I do not normally go to, random sites this way it still stops viruses with HTTPS being checked.

        Screenshot 2023-02-22 at 10.18.19 PM.png

        I hope that helps as it seems like you have some 409 errors look up the server errors "The HTTP 409 status code (Conflict) indicates that the request could not be processed because of conflict in the request"
        These sites I would look into splicing if you need them, teams is one I splice its so slow without it.

        Make sure to upvote

        1 Reply Last reply Reply Quote 0
        • First post
          Last post